Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/KYsrJXDh9O2OXQCzC7nZBBbca4k.roa
File: KYsrJXDh9O2OXQCzC7nZBBbca4k.roa (raw, json)
Hash identifier: fQr6lxFUMESSmCv+y7aqxNMrJB5yDjZo1Mm2tzFoCoM=
Subject key identifier: 29:8B:2B:25:70:E1:F4:ED:8E:5D:00:B3:0B:B9:D9:04:16:DC:6B:89
Certificate issuer: /CN=148a0c4067ca33ac76573fc86cfd75b7ecd200ff
Certificate serial: 01856D0AC1A326479BA1E7EECEEE1546BDD5
Authority key identifier: 14:8A:0C:40:67:CA:33:AC:76:57:3F:C8:6C:FD:75:B7:EC:D2:00:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FIoMQGfKM6x2Vz_IbP11t-zSAP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/KYsrJXDh9O2OXQCzC7nZBBbca4k.roa
Signing time: Sun 01 Jan 2023 11:14:59 +0000
ROA not before: Sun 01 Jan 2023 11:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15617
IP address blocks: 212.152.112.0/20 maxlen: 20
188.73.232.0/21 maxlen: 21
212.152.66.0/24 maxlen: 24
212.152.64.0/18 maxlen: 22
188.73.244.0/22 maxlen: 22
212.152.68.0/23 maxlen: 23
212.152.72.0/21 maxlen: 22
188.73.249.0/24 maxlen: 24
188.73.252.0/22 maxlen: 22
212.152.76.0/22 maxlen: 22
188.73.248.0/24 maxlen: 24
212.152.82.0/23 maxlen: 24
212.152.80.0/22 maxlen: 23
212.152.91.0/24 maxlen: 24
212.152.96.0/19 maxlen: 19
188.73.192.0/22 maxlen: 22
188.73.192.0/18 maxlen: 24
188.73.196.0/22 maxlen: 22
2a00:a880::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:c1:a3:26:47:9b:a1:e7:ee:ce:ee:15:46:bd:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=148a0c4067ca33ac76573fc86cfd75b7ecd200ff
Validity
Not Before: Jan 1 11:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=298b2b2570e1f4ed8e5d00b30bb9d90416dc6b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c9:5b:20:83:e3:2d:ad:3f:cf:48:df:6a:39:
09:8c:7f:aa:a0:bd:04:f0:d0:02:12:61:0d:cc:11:
d0:47:14:f5:7d:4b:68:f1:0e:9d:72:3c:81:30:98:
80:7a:ae:1a:03:72:b4:12:0c:96:df:75:77:e7:f3:
c5:a6:3d:ea:84:d0:0a:96:f8:2c:7b:e1:a1:21:b4:
d3:7b:77:8c:18:7c:b4:a4:73:21:8f:6b:1d:5b:a3:
29:62:f1:85:d6:19:f4:25:8c:78:69:af:b8:62:74:
32:6b:6d:0e:e8:1b:b0:d4:87:c9:72:73:3f:ae:77:
1f:e6:f0:ce:d6:f3:97:67:25:0c:1d:87:98:20:63:
84:97:51:a8:a0:e1:c5:2d:b9:ec:ce:74:bc:1b:a4:
c6:0e:f9:84:3a:2b:8e:6e:b5:35:7c:e6:c0:f6:59:
2c:ad:e1:51:02:3d:e6:fb:fb:2a:90:c9:56:98:78:
b5:a7:76:b0:cc:56:24:8a:f2:85:22:b0:d8:59:37:
c2:53:a8:2e:cc:14:05:64:df:8d:6f:8e:fe:a0:63:
ff:20:ca:89:eb:1e:6d:59:0c:90:d2:87:5e:4e:f9:
4d:5d:09:46:3a:cb:08:94:28:50:38:3d:df:15:af:
b2:3c:20:fe:2a:e1:32:4b:c8:0e:60:2f:f2:e9:e0:
0b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8B:2B:25:70:E1:F4:ED:8E:5D:00:B3:0B:B9:D9:04:16:DC:6B:89
X509v3 Authority Key Identifier:
keyid:14:8A:0C:40:67:CA:33:AC:76:57:3F:C8:6C:FD:75:B7:EC:D2:00:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FIoMQGfKM6x2Vz_IbP11t-zSAP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/KYsrJXDh9O2OXQCzC7nZBBbca4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/FIoMQGfKM6x2Vz_IbP11t-zSAP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.73.192.0/18
212.152.64.0/18
IPv6:
2a00:a880::/32
Signature Algorithm: sha256WithRSAEncryption
3a:79:46:de:4d:24:cb:47:fc:7c:08:bb:aa:24:11:97:11:b2:
ef:70:e1:c5:1a:17:1e:d5:37:51:5d:d6:98:bd:de:bb:d1:40:
88:ba:a3:78:13:f7:f7:d6:49:d5:09:f6:f5:40:e5:0f:71:b6:
9f:15:73:7f:fc:23:5a:e8:30:51:48:17:45:84:c9:22:48:4e:
bd:5f:4d:a8:74:2f:23:b2:2d:34:f8:8c:48:a2:29:7f:26:ad:
2f:01:53:d7:6c:d7:fb:55:ca:53:ad:bb:05:35:c1:31:ac:1f:
fb:6d:a8:2e:a9:77:eb:33:03:1e:95:1f:48:7e:07:0e:bc:86:
fc:10:5f:ef:95:a1:d2:ff:fd:a8:ed:d7:39:39:b1:ce:de:8a:
fa:4f:a1:5d:76:ca:c2:1a:1a:fc:a3:47:80:88:5a:7a:bf:29:
d2:4b:b2:37:95:5c:f1:42:88:a8:10:38:30:c8:33:fe:ce:f9:
cd:06:50:a4:94:22:81:db:26:4b:42:c4:c0:d0:43:de:f7:a2:
7c:29:f4:f3:90:ea:18:0a:37:57:d4:70:32:b9:9b:48:5e:fd:
24:d9:b9:2b:77:ef:0c:e8:22:f8:62:8e:f2:42:37:da:b6:10:
2a:f1:53:8a:3d:66:a1:bc:25:5b:e8:32:ae:df:40:88:d2:c4:
5a:1b:49:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtCsGjJkeboefuzu4VRr3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OGEwYzQwNjdjYTMzYWM3NjU3M2ZjODZjZmQ3NWI3ZWNk
MjAwZmYwHhcNMjMwMTAxMTExNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOThiMmIyNTcwZTFmNGVkOGU1ZDAwYjMwYmI5ZDkwNDE2ZGM2Yjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlslbIIPjLa0/z0jfajkJjH+qoL0E
8NACEmENzBHQRxT1fUto8Q6dcjyBMJiAeq4aA3K0EgyW33V35/PFpj3qhNAKlvgs
e+GhIbTTe3eMGHy0pHMhj2sdW6MpYvGF1hn0JYx4aa+4YnQya20O6Buw1IfJcnM/
rncf5vDO1vOXZyUMHYeYIGOEl1GooOHFLbnsznS8G6TGDvmEOiuObrU1fObA9lks
reFRAj3m+/sqkMlWmHi1p3awzFYkivKFIrDYWTfCU6guzBQFZN+Nb47+oGP/IMqJ
6x5tWQyQ0odeTvlNXQlGOssIlChQOD3fFa+yPCD+KuEyS8gOYC/y6eALQwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCmLKyVw4fTtjl0Aswu52QQW3GuJMB8GA1UdIwQY
MBaAFBSKDEBnyjOsdlc/yGz9dbfs0gD/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRklvTVFHZktNNngyVnpfSWJQMTF0LXpTQVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wMDlmYjctOWVkMC00NGZmLWI3ZGIt
OWUwN2I1NmI1N2I4LzEvS1lzckpYRGg5TzJPWFFDekM3blpCQmJjYTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wMDlmYjctOWVkMC00NGZmLWI3ZGItOWUwN2I1NmI1N2I4
LzEvRklvTVFHZktNNngyVnpfSWJQMTF0LXpTQVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGvEnAAwQG
1JhAMA0EAgACMAcDBQAqAKiAMA0GCSqGSIb3DQEBCwUAA4IBAQA6eUbeTSTLR/x8
CLuqJBGXEbLvcOHFGhce1TdRXdaYvd670UCIuqN4E/f31knVCfb1QOUPcbafFXN/
/CNa6DBRSBdFhMkiSE69X02odC8jsi00+IxIoil/Jq0vAVPXbNf7VcpTrbsFNcEx
rB/7baguqXfrMwMelR9IfgcOvIb8EF/vlaHS//2o7dc5ObHO3or6T6FddsrCGhr8
o0eAiFp6vynSS7I3lVzxQoioEDgwyDP+zvnNBlCklCKB2yZLQsTA0EPe96J8KfTz
kOoYCjdX1HAyuZtIXv0k2bkrd+8M6CL4Yo7yQjfathAq8VOKPWahvCVb6DKu30CI
0sRaG0nV
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:00:57 2024 by rpki-client on console.sobornost.net